﻿<%@ Page Language="C#" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<%@ Import Namespace="System.Web.Security" %>
<%@ import Namespace="RobozzleModel" %>
<%@ Import Namespace="System.Linq" %>

<script runat="server">
  void Logon_Click(object sender, EventArgs e)
  {
      RobozzleEntities entities = new RobozzleEntities();
      string passwordHash = StatsCommon.HashPassword(UserPass.Text);
      bool success = entities.User.Any(
          r => r.Username == UserEmail.Text && r.Password == passwordHash);
      
      if (success)
      {
          FormsAuthentication.RedirectFromLoginPage(UserEmail.Text, true);
      }
      else
      {
          Msg.Text = "Invalid credentials. Please try again.";
      }
  }
</script>

<%
    if (Request["action"] == "logout")
    {
        FormsAuthentication.SignOut();
        Response.Redirect("/js/");
    }
%>

<html>
<head id="Head1" runat="server">
  <title>RoboZZle Login</title>
    <link href="stats.css" rel="stylesheet" type="text/css"/>  
</head>
<body>
  <form id="form1" runat="server">
    <%= StatsCommon.MenuBar(MenuPage.None) %>  
    <h1>RoboZZle Login</h1>
    <table>
      <tr>
        <td>Username:</td>
        <td><asp:TextBox ID="UserEmail" runat="server" /></td>
        <td>
          <asp:RequiredFieldValidator ID="RequiredFieldValidator1" 
            ControlToValidate="UserEmail"
            Display="Dynamic" 
            ErrorMessage="Cannot be empty." 
            runat="server" />
        </td>
      </tr>
      <tr>
        <td>Password:</td>
        <td><asp:TextBox ID="UserPass" TextMode="Password" runat="server" /></td>
        <td>
          <asp:RequiredFieldValidator ID="RequiredFieldValidator2" 
            ControlToValidate="UserPass"
            ErrorMessage="Cannot be empty." 
            runat="server" />
        </td>
      </tr>
      <tr>
        <td colspan="3"><asp:Button ID="Submit1" OnClick="Logon_Click" Text="Log On" runat="server" /></td>
      </tr>
    </table>
    <p><asp:Label ID="Msg" ForeColor="red" runat="server" /></p>
  </form>
<%= StatsCommon.Footer() %>
</body>
</html>
